Organizations Can Be Twice As Secure at Half the Cost

Last week at VMworld, Pat Gelsinger made a statement that got folks buzzing. During his keynote, he said that integrating security into the virtualization layer would result in organizations being twice as secure at half the cost. As a long-time security guy, statements like that can seem a little bold, but VMware has data, and some proven capability here in customer environments.

We contend that the virtualization layer is increasingly ubiquitous. It touches compute, network, and storage – connects apps to infrastructure – and spans data center to device. More importantly, virtualization enables alignment between the things we care about (people, apps, data) and the controls that can protect them (not just the underlying infrastructure).

Let me speak to the statement from the data center network side with some real data. VMware has a number of VMware NSX customers in production that have deployed micro-segmentation in their data centers.  Here’s what we found:

  1. 75% of data center network traffic is East-West, moving VM to VM regardless of how convoluted the path may be.
  2. Nearly all security controls look exclusively at North-South traffic, which is the traffic moving into and out of the data center; 90% of East-West traffic never

Android porn app snaps pic of user, locks it on home screen with $500 ransom demand

Some unlucky individuals thought they had downloaded the Android app Adult Player to watch porn videos, but the app silently takes a photo of users while they use the app and then displays the image on the home screen, along with a ransom note demanding $500. Researchers from Zscaler's ThreatLab first discovered the "new mobile ransomware variant that leverages pornography to lure victims into downloading and installing it." Perhaps the desire for viewing porn is stronger than common sense, as the app asks to be activated as device admin. It asks for the right to monitor screen-unlock attempts and to "lock the phone or erase all the phone's data if too many incorrect passwords are typed."

Helping refugees would enrich ourselves

This website is for those who want to share their apartment with a refugee. You don't even have to pay -- refugee organizations will pay their share of the rent. This is frankly awesome.

I grew up around refugees. Our neighbors were refugees from south Vietnam. They flew out with the fleeing American troops as the South Vietnamese government collapsed. They got onto an overloaded helicopter that had barely enough fuel to reach the aircraft carrier off the coast. That helicopter was then dumped overboard, to make room for more arriving refugees and American troops.

Because my father was a journalist reporting on El Salvadoran refugees, we became life-long friends with one of those families. She was a former education minister, he was a former businessman. It was "suggested" that she resign from government. One night, while driving home, a paramilitary roadblock stopped them. Men surrounded the car and pointed guns at them. The leader then said "wait, they've got children in the back", at which point the men put down their guns and fled. In other words, they should be dead. They fled to the United States soon after, and hid in a church basement. Since El Salvador was

Lego Bricks and Network Operating Systems

One of the comments I got on my Lego Bricks & BFT blog post was “well, how small should those modular Lego bricks be?”

The only correct answer is “It should be Lego bricks all the way down” or (more formally) “Modularity is a concept that should be applied at every level of the architecture.”

Today let’s focus on how much easier life would be if we could take apart the network operating systems instead of just watching them as glued-together Death Stars.


Trend Micro’s spam traps surface more Ashley Madison fake users

There hasn't been a lack of strange things turning up in the Ashley Madison data leak. One of the latest discoveries comes from Trend Micro, which found bogus Ashley Madison profiles that used email addresses the company created solely for collecting spam samples. The email addresses are known as "honeypots," a general term for systems set up by researchers in the hope that they will be attacked. Studying the attacks can shed light on new methods used by malicious hackers. One of Trend's addresses was used for a profile describing a 33-year-old Los Angeles woman who is "sexy, aggressive" and "knows what she wants," wrote Ryan Flores, a threat research manager with Trend, in a blog post.

WhatsApp fixes dangerous flaw in Web app

WhatsApp, the widely used messaging program, has fixed a dangerous flaw in its Web app that could be used to trick people into installing malware, according to Check Point. The flaw could affect as many as 200 million people who use WhatsApp's web interface, wrote Oded Vanunu, Check Point's group manager for security research and penetration. "All an attacker needed to do to exploit the vulnerability was to send a user a seemingly innocent vCard containing malicious code," he wrote.

Cisco ACI PowerTool

If you are a frequent reader of this blog, it’s no surprise I’m focused on automation these days. It’s been primarily centered around using Python and Ansible with a little Puppet and Chef sprinkled in. I had the opportunity recently to change things up a bit using the Cisco ACI PowerTool and thought I’d share a few things about it.

First off, the ACI PowerTool is a PowerShell module that helps automate all aspects of a Cisco ACI fabric.

Second, it’s no secret that the same rocket scientist created both the Cisco UCS and ACI object models. That said, the UCS PowerTool has been around for years and offers PowerShell modules that can be used to manage, operate, and automate Cisco UCS environments. As you may have guessed, the Cisco ACI PowerTool is the same thing, but used to manage and automate Cisco ACI fabrics using PowerShell.

And as luck would have it, I’m still a Windows user, so I was able to get this up and running extremely fast. In full transparency, I haven’t spent much time with PowerShell at all before this, and it was super easy to get going, so no matter what your background, it’s worth

Video: The real value of hybrid cloud

Public or private cloud - why choose one when you can have both? Hybrid cloud computing is the idea of connecting a private cloud that sits inside the corporate firewall to some public cloud hosted by a service provider. Doing so gives organizations all the benefits of both worlds: Private clouds can handle security-sensitive workloads, while the public cloud is great for apps that have varying demand of resources. But saying is easier than doing. At VMworld in San Francisco, we chatted with Cliqr’s Kurt Milnes to discuss how to overcome some of the chief challenges related to hybrid cloud computing.

Containers key as Cisco looks to “open” data center OS

A key but quiet component of Cisco’s “open” data center operating system is the ability to build applications and microservices via Linux containers. It’s not a new capability but an increasingly important one for making – and marketing – Cisco’s NX-OS as “open,” a campaign that began in June. Open NX-OS includes object store and model driven RESTful and XML/JSON API support in the NX-API; native third-party application integration of Puppet, Chef and Ganglia, among others; a software developer’s kit for application integration; and Linux utilities support for tool integration across compute and network.

Microsoft Edge browser gets its first critical patches

Released a little over a month ago, Microsoft's new Edge browser has gotten its first set of critical security patches. As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-05, with four patches covering vulnerabilities in the Windows 10-only Edge browser. Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible. In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.

Microsoft Edge browser gets critical patches

Released a little over a month ago, Microsoft's new Edge browser has gotten a set of critical security patches. As part of its monthly round of security fixes, colloquially known as Patch Tuesday, Microsoft released a critical bulletin, MS15-095, with four patches covering vulnerabilities in the Windows 10-only Edge browser. Overall this month, Microsoft issued 12 bulletins covering 56 vulnerabilities. Five bulletins were deemed as critical, meaning they should be addressed as soon as possible. In addition to Edge, this month's patches cover issues in Internet Explorer, Windows, Office, Exchange, the .Net framework, the Hyper-V virtual machine, Active Directory, and Skype for Business.

Cisco adds sFlow support to Nexus 9K series

Cisco adds support for the sFlow standard in the Cisco Nexus 9000 Series 7.0(3)I2(1) NX-OS Release. Combined with the Nexus 3000/3100 series, which have included sFlow support since NX-OS 5.0(3)U4(1), Cisco now offers cost-effective, built-in visibility across the full spectrum of data center switches.
Cisco network engineers might not be familiar with the multi-vendor sFlow technology since it is a relatively new addition to Cisco products. The article, Cisco adds sFlow support, describes some of the key features of sFlow and contrasts them to Cisco NetFlow.
Nexus 9000 switches can be operated in NX-OS mode or ACI mode:
  • NX-OS mode includes a number of open features such as sFlow, Python, NX-API, and Bash that integrate with an open ecosystem of orchestration tools such as Puppet, Chef, CFEngine, and Ansible. "By embracing the open culture of development and operations (DevOps) and creating a more Linux-like environment in the Cisco Nexus 9000 Series, Cisco enables IT departments with strong Linux skill sets to meet business needs efficiently," Cisco Nexus 9000 Series Switches: Integrate Programmability into Your Data Center. Open APIs are becoming increasingly popular, preventing vendor lock-in, and allowing organizations to benefit from the rapidly increasing range of open hardware

Africa’s effort to tackle cybercrime gains momentum

Africa’s efforts to tackle cybercrime are gaining momentum as Tanzania joins African countries including Zambia, Nigeria, South Africa and Kenya in coming up with a law that includes penalties of up to 10 years in prison. The law comes amid claims that Tanzania has one of the highest rates of cybercrime and social media abuse in Africa. Tanzanian President Jakaya Kikwete has already approved the Cyber Crimes Act of 2015, which becomes operational this week. The Tanzania Communications Regulatory Authority (TCRA) is already warning of tough actions against cybercriminals in the East African country as a result of the new law. Critics have said, however, that the Tanzanian law targets social media with the aim of regulating its use in order to silence divergent views and critics of the government.

Microsoft released 12 patches, 5 rated critical, 1 being exploited in the wild

Microsoft released 12 security updates for September 2015 Patch Tuesday, five of which are rated critical and one is currently being exploited in the wild.

Microsoft patches rated critical

MS15-097 contains a fix for a flaw currently being exploited in the wild, so it should be your top priority. It patches 11 vulnerabilities in Microsoft Graphics Component which could allow remote code execution. Qualys CTO Wolfgang Kandek wrote, “The bulletin is rated critical on Windows Vista and Server 2008, plus Microsoft Office 2007 and 2010, plus Lync 2007, 2010, 2013. In addition one of the vulnerabilities, rated only as important in the bulletin, is under attack in the wild: CVE-2015-2546 allows for an escalation of privilege once on the machines, allowing the attacker to become administrator of the targeted machine. CVE-2015-2546 affects all versions of Windows including Windows 10.”